<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
	<title>Configuring SAML single-sign-on on the Elastic Stack | ElasticSearch 7.7 权威指南中文版</title>
	<meta name="keywords" content="ElasticSearch 权威指南中文版, elasticsearch 7, es7, 实时数据分析，实时数据检索" />
    <meta name="description" content="ElasticSearch 权威指南中文版, elasticsearch 7, es7, 实时数据分析，实时数据检索" />
    <!-- Give IE8 a fighting chance -->
    <!--[if lt IE 9]>
    <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
    <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
    <![endif]-->
	<link rel="stylesheet" type="text/css" href="../static/styles.css" />
	<script>
	var _link = 'saml-guide.html';
    </script>
</head>
<body>
<div class="main-container">
    <section id="content">
        <div class="content-wrapper">
            <section id="guide" lang="zh_cn">
                <div class="container">
                    <div class="row">
                        <div class="col-xs-12 col-sm-8 col-md-8 guide-section">
                            <div style="color:gray; word-break: break-all; font-size:12px;">原英文版地址: <a href="https://www.elastic.co/guide/en/elasticsearch/reference/7.7/saml-guide.html" rel="nofollow" target="_blank">https://www.elastic.co/guide/en/elasticsearch/reference/7.7/saml-guide.html</a>, 原文档版权归 www.elastic.co 所有<br/>本地英文版地址: <a href="../en/saml-guide.html" rel="nofollow" target="_blank">../en/saml-guide.html</a></div>
                        <!-- start body -->
                  <div class="page_header">
<strong>重要</strong>: 此版本不会发布额外的bug修复或文档更新。最新信息请参考 <a href="https://www.elastic.co/guide/en/elasticsearch/reference/current/index.html" rel="nofollow">当前版本文档</a>。
</div>
<div id="content">
<div class="breadcrumbs">
<span class="breadcrumb-link"><a href="index.html">Elasticsearch Guide [7.7]</a></span>
»
<span class="breadcrumb-link"><a href="secure-cluster.html">Secure a cluster</a></span>
»
<span class="breadcrumb-node">Configuring SAML single-sign-on on the Elastic Stack</span>
</div>
<div class="navheader">
<span class="prev">
<a href="controlling-user-cache.html">« Controlling the user cache</a>
</span>
<span class="next">
<a href="saml-guide-idp.html">The identity provider »</a>
</span>
</div>
<div class="chapter xpack">
<div class="titlepage"><div><div>
<h2 class="title">
<a id="saml-guide"></a>Configuring SAML single-sign-on on the Elastic Stack<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/security/authentication/saml-guide.asciidoc">edit</a><a class="xpack_tag" href="https://www.elastic.co/subscriptions"></a>
</h2>
</div></div></div>
<p>The Elastic Stack supports SAML single-sign-on (SSO) into Kibana, using Elasticsearch as
a backend service. In SAML terminology, the Elastic Stack is operating as a
<em>Service Provider</em>.</p>
<p>The other component that is needed to enable SAML single-sign-on is the
<em>Identity Provider</em>, which is a service that handles your credentials and
performs that actual authentication of users.</p>
<p>If you are interested in configuring SSO into Kibana, then you will need to
provide Elasticsearch with information about your <em>Identity Provider</em>, and you will need
to register the Elastic Stack as a known <em>Service Provider</em> within that
Identity Provider.  There are also a few configuration changes that are
required in Kibana to activate the SAML authentication provider.</p>
<div class="note admon">
<div class="icon"></div>
<div class="admon_content">
<p>The SAML support in Kibana is designed on the expectation that it will be
the primary (or sole) authentication method for users of that Kibana instance.
Once you enable SAML authentication in Kibana it will affect all users who try
to login. The <a class="xref" href="saml-kibana.html" title="Configuring Kibana">Configuring Kibana</a> section provides more detail about how this works.</p>
</div>
</div>








</div>
<div class="navfooter">
<span class="prev">
<a href="controlling-user-cache.html">« Controlling the user cache</a>
</span>
<span class="next">
<a href="saml-guide-idp.html">The identity provider »</a>
</span>
</div>
</div>

                  <!-- end body -->
                        </div>
                        <div class="col-xs-12 col-sm-4 col-md-4" id="right_col">
                        
                        </div>
                    </div>
                </div>
            </section>
        </div>
    </section>
</div>
<script src="../static/cn.js"></script>
</body>
</html>